1   /*
2    * Licensed to The Apereo Foundation under one or more contributor license
3    * agreements. See the NOTICE file distributed with this work for additional
4    * information regarding copyright ownership.
5    *
6    *
7    * The Apereo Foundation licenses this file to you under the Educational
8    * Community License, Version 2.0 (the "License"); you may not use this file
9    * except in compliance with the License. You may obtain a copy of the License
10   * at:
11   *
12   *   http://opensource.org/licenses/ecl2.txt
13   *
14   * Unless required by applicable law or agreed to in writing, software
15   * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
16   * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.  See the
17   * License for the specific language governing permissions and limitations under
18   * the License.
19   *
20   */
21  
22  package org.opencastproject.authorization.xacml.manager.impl.persistence;
23  
24  import static org.opencastproject.db.Queries.namedQuery;
25  import static org.opencastproject.security.api.AccessControlParser.parseAclSilent;
26  import static org.opencastproject.security.api.AccessControlParser.toJsonSilent;
27  
28  import org.opencastproject.authorization.xacml.manager.api.ManagedAcl;
29  import org.opencastproject.security.api.AccessControlList;
30  
31  import org.apache.commons.lang3.tuple.Pair;
32  
33  import java.util.List;
34  import java.util.Optional;
35  import java.util.function.Function;
36  
37  import javax.persistence.Basic;
38  import javax.persistence.Column;
39  import javax.persistence.Entity;
40  import javax.persistence.EntityManager;
41  import javax.persistence.FetchType;
42  import javax.persistence.GeneratedValue;
43  import javax.persistence.GenerationType;
44  import javax.persistence.Id;
45  import javax.persistence.Lob;
46  import javax.persistence.NamedQueries;
47  import javax.persistence.NamedQuery;
48  import javax.persistence.Table;
49  import javax.persistence.Transient;
50  import javax.persistence.UniqueConstraint;
51  
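/**
 * JPA entity backing {@link ManagedAcl}.
 *
 * <p>Rows live in {@code oc_acl_managed_acl}; the table enforces uniqueness of
 * ({@code name}, {@code organization_id}). The ACL itself is stored as a JSON string in a
 * lazily fetched LOB column and parsed on demand by {@link #getAcl()}.
 *
 * <p>Security note: every named query declared here filters on the organization, whereas
 * {@link #findByIdQuery(Long)} looks a row up by primary key only. Code that must keep
 * organizations isolated from each other should use the organization-scoped factories or
 * compare {@link #getOrganizationId()} on the result.
 */
@Entity(name = "ManagedAcl")
@Table(name = "oc_acl_managed_acl",
       uniqueConstraints = @UniqueConstraint(columnNames = {"name", "organization_id"}))
@NamedQueries({
        @NamedQuery(name = "ManagedAcl.findByIdAndOrg",
                    query = "SELECT e FROM ManagedAcl e WHERE e.id = :id AND e.organizationId = :organization"),
        @NamedQuery(name = "ManagedAcl.findAllByOrg",
                    query = "SELECT e FROM ManagedAcl e WHERE e.organizationId = :organization"),
        @NamedQuery(name = "ManagedAcl.deleteByIdAndOrg",
                    query = "DELETE FROM ManagedAcl e WHERE e.id = :id AND e.organizationId = :organization") })
public class ManagedAclEntity implements ManagedAcl {
  /** Generated primary key, stored in column {@code pk}. */
  @Id
  @GeneratedValue(strategy = GenerationType.AUTO)
  @Column(name = "pk")
  private Long id;

  /** Display name; unique per organization (see the table's unique constraint). */
  @Column(name = "name", nullable = false, length = 128)
  private String name;

  /** Serialized ACL as produced by {@code toJsonSilent}; fetched lazily. */
  @Lob
  @Basic(fetch = FetchType.LAZY)
  @Column(name = "acl", nullable = false)
  private String acl;

  /** Parsed form of {@link #acl}; not persisted, filled in by {@link #getAcl()}. */
  @Transient
  private AccessControlList parsedAcl;

  /** Identifier of the organization that owns this ACL. */
  @Column(name = "organization_id", nullable = false, length = 128)
  private String organizationId;

  /** JPA constructor */
  public ManagedAclEntity() {
  }

  /**
   * Overwrites name, ACL and owning organization of this entity.
   *
   * @param name the new ACL name
   * @param acl the new access control list; stored as JSON via {@code toJsonSilent}
   * @param orgId the owning organization
   * @return this entity, to allow chaining
   */
  ManagedAclEntity update(String name, AccessControlList acl, String orgId) {
    // Update the ACL first, since it's fetching the entity and overriding the previous set values
    this.acl = toJsonSilent(acl);
    // Drop the parsed copy: without this, a getAcl() call made before update() would keep
    // returning the previous access rules even though the stored JSON has changed.
    this.parsedAcl = null;
    this.name = name;
    this.organizationId = orgId;
    return this;
  }

  /** @return the primary key; {@code null} until one has been assigned */
  @Override public Long getId() {
    return id;
  }

  /** @return the ACL name */
  @Override public String getName() {
    return name;
  }

  /**
   * Returns the parsed ACL, parsing the stored JSON on first use and reusing the result
   * afterwards. How malformed JSON is handled is decided by {@code parseAclSilent}, which
   * is not visible here.
   *
   * @return the access control list
   */
  @Override public AccessControlList getAcl() {
    if (parsedAcl == null) {
      parsedAcl = parseAclSilent(acl);
    }
    return parsedAcl;
  }

  /** @return the identifier of the owning organization */
  @Override public String getOrganizationId() {
    return organizationId;
  }

  /**
   * Find a managed ACL by id within one organization.
   *
   * @param orgId the organization the ACL must belong to
   * @param id the primary key
   * @return a function that runs {@code ManagedAcl.findByIdAndOrg} on an entity manager
   */
  public static Function<EntityManager, Optional<ManagedAclEntity>> findByIdAndOrgQuery(final String orgId,
      final Long id) {
    return namedQuery.findOpt(
        "ManagedAcl.findByIdAndOrg",
        ManagedAclEntity.class,
        Pair.of("id", id),
        Pair.of("organization", orgId)
    );
  }

  /**
   * Find a managed ACL by id, regardless of organization.
   *
   * <p>No organization filter is applied here. Callers handling requests on behalf of a
   * specific organization should use {@link #findByIdAndOrgQuery(String, Long)} instead, or
   * verify {@link #getOrganizationId()} on the returned entity before using it.
   *
   * @param id the primary key
   * @return a function that looks the entity up by primary key on an entity manager
   */
  public static Function<EntityManager, Optional<ManagedAclEntity>> findByIdQuery(final Long id) {
    return namedQuery.findByIdOpt(ManagedAclEntity.class, id);
  }

  /**
   * Find all ACLs of an organization.
   *
   * @param orgId the organization whose ACLs are requested
   * @return a function that runs {@code ManagedAcl.findAllByOrg} on an entity manager
   */
  public static Function<EntityManager, List<ManagedAclEntity>> findByOrgQuery(final String orgId) {
    return namedQuery.findAll(
        "ManagedAcl.findAllByOrg",
        ManagedAclEntity.class,
        Pair.of("organization", orgId)
    );
  }

  /**
   * Delete an ACL by id within one organization.
   *
   * @param orgId the organization the ACL must belong to
   * @param id the primary key
   * @return a function that runs {@code ManagedAcl.deleteByIdAndOrg}; the Integer is
   *         presumably the number of deleted rows (defined by {@code namedQuery.delete})
   */
  public static Function<EntityManager, Integer> deleteByIdAndOrgQuery(final String orgId, final Long id) {
    return namedQuery.delete(
        "ManagedAcl.deleteByIdAndOrg",
        Pair.of("id", id),
        Pair.of("organization", orgId)
    );
  }
}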